Sites can slurp browser history right out of Firefox 16
Sites can slurp browser history right out of Firefox 16
Plug promised today for leaky hole
Posted in Security, 11th October 2012 12:27 GMT
Free whitepaper – Operationalizing Information Security:
A hole in Firefox 16 makes it possible for a malicious site to access a user’s browsing history, Mozilla security chief Michael Coates revealed in a blog yesterday.
Coates promised a patch today for the vulnerability in the latest version of the browser.
Mozilla 16 was released on Tuesday but pulled a day later because of the vulnerability which would allow a hacker to suck out URLs from the browser history of a visitor of a malicious page.
There was no indication that the weakness was being exploited in the wild said Coates. Users on Firefox 15 are unaffected.
Mozilla-users who don’t want to wait for the patch today can downgrade to Firefox 15.0.1 until the clean version of 16 is ready. ®
Free whitepaper – Operationalizing Information Security:
Send corrections
Article source: http://go.theregister.com/feed/www.theregister.co.uk/2012/10/11/snoop_hole_mozilla_firefox_16/